The legal department wants to make sure everyone has to see this alert before they may proceed.

As (client-side) javascript can be (and often is) easily turned off 'by default', it is highly probable that some of your visitors would never see such a pop-up

Bearing in mind that your requirements are being driven by your legal department, it is perhaps worth noting that there are various regulations in many countries covering accessibility [google.com], so the use of <noscript> tags is unlikely to be a satisfactory workaround

Instead, I think, you'll need a server-side solution... perhaps something along the lines of the advice given on your thread entilted "What method should I use to restrict access to sections of my website? [webmasterworld.com]"

I discussed that problem with my boss but she doesn't think it will be a problem because the page will be on the Intranet and for employee use only. Thank you for the link. I will pass that info on to her.

In the meantime, I would like to put something up. Just a little something.

I found this code but it says it is LiveScript which must mean it is old!

<SCRIPT LANGUAGE="LiveScript">
<!--
function checkAGE(){
if (!confirm
("(Much leagal speak and warnigs and such. )"))
history.go(-1);return ""}
document.writeln(checkAGE())
<!--End-->
</SCRIPT>

I like the way this works but I have three questions.

1.Is this so old that I will have a problem with it's functionality?

2. The buttons say "OK" and "Cancel". Is there a way to change what they say to "Accept" and "Decline"?

3. The top of the message box reads "The page at www.example.com" read:

Is there a way to change that?

By the way, it's not so much about restricting access to the page. They want to make sure that we make an extra effort to ensure that everyone reads the copyright notices and stuff. I appreciate that is almost impossible but it will make legal happy. :P

Another possible problem: if your office policy requires browser with pop up blockers on, the onLoad will categorically get blocked. New windows that function on user action, however, usually don't. So an alternative choice might be to put the action in any link to this page.

To simplify this, you would move my inline solution here to an external Javascript file so you don't have to code in every page that has the link.

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" 
"http://www.w3.org/TR/html4/loose.dtd"> 
<!-- doctype on one line --> 
<html> 
<head> 
 <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> 
<title>TOS required</title> 
<script type="text/javascript"> 
function newWin(url) { 
 var day = new Date(); 
 var id=day.getTime(); 
 var params = 'width=400,height=400,scrollbars,resizable'; 
 var win=open(url,id,params); 
 win.document.close(); 
 return false; 
} 
</script> 
</head> 
<body> 
<p><a href="#" onClick="return newWin();">Go to Page</a></p> 
</body> 
</html>

But now we have a new problem, navigating to the actual page. In "tos.html" you would want to do the following. The page that opens the pop up is the window.opener:

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" 
"http://www.w3.org/TR/html4/loose.dtd"> 
<!-- doctype on one line --> 
<html> 
<head> 
 <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> 
<title>TOS</title> 
<script type="text/javascript"> 
window.onunload=function () { if (window.opener) { window.opener.location='the_page.html'; } } 
</script> 
</head> 
<body> 
<p>Blah blah blah, I hereby agree to not steal from the company, 
not say bad stuff about the boss, and always put the toilet seat down.</p> 
<form><input type="button" onClick="window.close();" value="OK, I Agree"></form> 
</body> 
</html> 

Where "the_page.html" is your protected page. Note that this works for both the button and "X" ing the page.

This only works on first visit. Thereafter they can bookmark it, which I'm guessing is not a problem. If they go to "the_page.html" directly somehow, what you could do is set a cookie in the code of the popup window (TOS_OK=1). Then on the_page.html have Javascript that checks for the cookie, if it's not present, sent them back a page.

If it's an Intranet, what's the allowed browser? Just IE? Others, too?

What control do employees have over their browser settings?

All of this makes a difference as far as what approach and fall-back approach to take.

I've noticed lately when requesting certain downloads from Microsoft's MSDN site that I first get a "DHTML" popup where I have to click I AGREE before the download will begin.

They are using a "cover div" that puts a gray veil over all the content on the page and then, on top of that, in the center of the page is the popup box with the licensing info and the buttons.

The advantage to this approach is that pop-up blocking won't affect it. If, however, javascript is disabled (unlikely, but possible) it won't work.

Cienwen, i think that you shouldn't use popup in every project even if in yours company computer specialists didn't lock popups. In future can it change and than will problem. You should secure before and use dinamic modal window generated by javascript. It is not so dificult and even you can use free open source libraries to create it. I'm reccommending libraries from yahooUI. There you can see examples: [developer.yahoo.com...]
YUI is one of solutions. You can take a this one or find an other diffrent:)

Have fun:)

<OT rant . . . >

puts a gray veil over all the content on the page and then, on top of that . . . .

. . . Annoys me to no end. :-) I HATE those things. Plesk has them, nothing like waiting for Javascript to finish loading all the pretty graphics over an https connection to follow the one link you need. It's just annoying to be forced to do something in ordinary navigation.

</rant> However, in this case it would probably apply. As you were! :-)

This is all very helpful. Thank you. I am going to run these options by my boss. :)